Closed Bug 1576181 Opened 5 years ago Closed 5 years ago

User can login with incorrect password into Facebook even after Update with incorrect credentials

Categories

(Toolkit :: Password Manager: Site Compatibility, defect)

Product:
Toolkit
Component:
Password Manager: Site Compatibility
Platform:
Desktop
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID
Tracking Flags:
Tracking Status
firefox68 --- affected
firefox69 --- affected
firefox70 --- affected

People

(Reporter: vlucaci, Unassigned)

Details

Attachments

(1 file)

strange facebook behavior.gif
2.04 MB, image/gif
Details

Affected versions

  • 69.0b16
  • 68.0.2
  • 70.0a1 (2019-08-23)

Affected platforms

  • Windows 10x64
  • macOS 10.14.6
  • macOS 10.11
  • Ubuntu 18.04x64

Steps to reproduce

  1. Go to facebook.com
  2. Log into FB with valid credentials.
  3. Choose to save credentials from Doorhanger.
  4. Log out of FB.
  5. Add "1" to the end of the password.
  6. Log in again. (it shouldn't log you at all since this is not the actual password)
  7. Click Update from doorhanger.
  8. Log out of FB again.
  9. Log in again with the saved and updated(incorrect) password.

Expected result

  • The website should state that access to the account is not possible because an incorrect password has been inputted.

Actual result
*You can now log into FB with an updated , incorrect password.

Regression range

  • Not a regression. Seems to be website specific.

Additional notes

  • Managed to reproduce this on latest Google Chrome as well.
Has Regression Range: --- → no

This isn't a bug with Firefox so closing. Facebook is being clever to help users login so they can be mined for profit.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: